[Feature] Adding special information for function invoking by backend triggers.

[Zing22]

Search before asking

• I had searched in the issues and found no similar issues.

Feature Request

I have a __interceptor__ function to check signature from front-end (shown below). But when the triggers invoke function from back-end, it will be intercepted because of no signature.

i hope to have special mark for the invoking by triggers, or just skip __interceptor__ like cloud.invoke() does.

Here is the code of my __interceptor__ function, it will print "invalid sign" when triggers calling.

import cloud from '@lafjs/cloud'
import CryptoJS from 'crypto-js';


// 检查签名是否有效
function verifySign(signKey: string, data: string, signature: string) {

  // 使用HMAC-SHA256算法进行验证
  const isValid = CryptoJS.HmacSHA256(data, signKey).toString() === signature;
  return isValid;
}


function compareDateStrings(dateString1: string, dateString2: string, n: number): boolean {
  const date1 = new Date(dateString1);
  const date2 = new Date(dateString2);
  const diffInSeconds = Math.abs((date1.getTime() - date2.getTime()) / 1000);
  return diffInSeconds <= n;
}


export async function main(ctx: FunctionContext) {
  let signKey = cloud.env.SIGN_KEY;
  if (!signKey) {
    // 没有开启
    return true;
  }
  const { signdata, signstr } = ctx.headers;
  const isValid = verifySign(signKey, signdata, signstr);

  if (!isValid) {
    console.log("invalid sign");
    return false;
  }

  // 检查时间
  const now = new Date().toISOString();
  const threshold = 30;  // 秒
  const timeCheck = compareDateStrings(now, signdata, threshold);

  if (!timeCheck) {
    console.log("time check failed", now, signdata);
    return false;
  }

  return true;
}

Are you willing to submit PR?

• Yes I am willing to submit a PR!

[HUAHUAI23]

you can use cloud.share save global information